Rombus
Premium
join:2007-04-11
Columbus, OH
| Inactive hacked account, But paid a month?
Ok, so this is so strange for me. I played wow for a while, but quit last April due to my work obligations. So today, i got an email that my wow account password had changed at about 11:30 last night, and another email at 4am from blizzard saying there was unauthorized activity on my account, and that they had disabled it.
This is odd, not only because i haven't played in over a year, but also that i don't have the client installed on either of my computers. I jumped though there account recovery hoops and regained access to my account (After doing a quick security sweep of both systems and changing various passwords). So i check things out, update some information and check out the account status. It says Active. O.o
Sure enough, someone setup a subscription on my account, and paid it as of today. I checked out my bank accounts, and neither has any odd charges. Im working on installing and patching right now to see what damage was done to my chars. Otherwise it seems that someone managed to give me a free month to play.
Has this happened to anyone else? |
|
NOCMan
Verizon Fios User
Premium
join:2004-09-30
Flower Mound, TX | If you use Gmail go through your email filters and make sure someone has not hacked that. |
|
Rombus
Premium
join:2007-04-11
Columbus, OH
| I just double checked and there have been no changes to my gmail account short of the password change i did when i first got wind of this.
Any other tips? Im double checking everything i can as i wait for another virus scan to run and the game to patch. |
|
POMPyroIsFun
join:2008-06-02
Fort Lauderdale, FL | reply to Rombus
Have you replaced your computer since you quit? It is possible if the computer had not been fully reformated at a low level (not the 'quick' one Windows does while installing)it is possible someone was able to retrieve old account information. |
|
Gordo74
Premium
join:2003-10-28
Monroeville, PA
clubs:
| said by POMPyroIsFun  :Have you replaced your computer since you quit? It is possible if the computer had not been fully reformated at a low level (not the 'quick' one Windows does while installing)it is possible someone was able to retrieve old account information. Thats just paranoia right there. I guarantee you even IF someone goes through that much trouble, their priority is NOT going to be a WoW account. |
|
POMPyroIsFun
join:2008-06-02
Fort Lauderdale, FL
| said by Gordo74 :Thats just paranoia right there. I guarantee you even IF someone goes through that much trouble, their priority is NOT going to be a WoW account. Yes, but paranoia makes me a nice living, so I'll just have to live with that.  |
|
hawk82
join:2001-04-26
Oakland, ME
 ·Verizon Online DSL
 ·RoadRunner Cable
| reply to Rombus
How good a password did you have on your WoW account prior to you getting the e-mail from Blizz? If it was easy to guess, then the password may have been bruteforced. Same with your Gmail account. I would change the passwords to both of them, just to be on the safe side. And don't use the same password to both. |
|
ErikVKing
Erik the Viking
Premium
join:2008-06-19
Kuwait
| reply to Rombus
Are you absolutely sure the email was from Bliz and not a phisher? And are you sure that you didn't have say a year paid ahead for WoW, so it would still be playable?
I'd check out the official WoW site, look at your account, and see if maybe you had a longer subscription than you remembered and to see if perhaps it'll show the card number or payment used if it isn't an old subscription.
I'd just hate to see you jumping through hoops for passwords and such with a phisher...
--
"I am Jack's utter lack of surprise." |
|
pp03
join:2002-06-13
Minneapolis, MN
| Yeah, it really seems like what Erik said...
I could see if you were like "I called their billing department etc."
In cases like that when they are real it requires a fax of a photo ID and processing time. For me to get a stolen account back and running took two weeks...
Hopefully you didn't just get scammed...
--
The History Channel rocks! ... you know it! |
|
shinjuru
Premium,Mod
join:2000-10-29
California
·SureWest Internet
Host:
PC gaming GAMES
PC gaming Tech
[BBR] Clan Public
Northern California
| reply to Rombus
I know it would absolutely suck to call and wait, but you really should call Billing and straighten it out. You never know if it's an odd Billing problem.
--
Games - GameTech - S.F.Bay - 新 |
|
P Ness
You'Ve Forgotten 9-11 Already
Premium
join:2001-08-29
Cromwell, CT
clubs:
| Welcome to something blizzard has never admitted
THERE IS AN INTERNAL SECURITY ISSUE
every company has it.
i have 3 accounts, 1 acct the wife played for the first month then we cancled it....TWO YEARS AGO.
i got notice in march THIS YEAR that the acct was banned because of TOS voilations. ummm lolwat?
turns out someone had been using my acct for 2 months to sell gold. it was inactive for two years and the password was beyond insane as well as the username was very unique.
this screams internal problem. but good luck getting blizzard to admit it. they just like to blame the end user. oh and this end user has never been hacked on the other two accts...never.
--
www.stopfcc.comI do not think the government needs to restrict free speech especially on a device that has an off knob. |
|
Rombus
Premium
join:2007-04-11
Columbus, OH
| @POMPyroIsFun:
Nope, still using the same computers
@Hawk82:
Wow and GMail accounts were both strong (mixed case, mixed numbers, non dictionary, with symbols). Both have been changed the moment i found something strange.
@ErikVKing
Positive, i did not use the links in the emails, and emails back to blizzard are what got my account unlocked. After i regained access, i double checked and i was on a month to month account, with my last payment of 14.99 over a year ago (April '07) so it wasnet active. The account was truly disabled by blizzard since i could not log into the account manager. As for why i did not have to jump though the ID hoops i may never no, except maybe because they caught it before i did? Or because it was inactive? Who knows.
I plan on giving them a call Monday to be sure, but after regaining access i found that everything was untouched. Nothing was missing, not even any gold. And the account was paid as of Friday and it was not with any credit card i have. I guessing P Ness is right on this one, its an internal problem at blizzard. Ah well, atleast i got a free month out of it  |
|
SauceMaster
join:2004-08-01
Kokomo, IN
·AT&T Midwest
 ·Vonage
| reply to Rombus
If you do some google searching , you'll see this type of stuff happens more than you think. Also there has been several sites like thottbot , allakhazam and even wowhead that have hosted ads with trojan's in them. I think allakhazam is the worst of all them since they've had this happen 4 times at least.
I also agree with P Ness about a blizzard security issue. Obviously blizzard won't admit it. I'm betting the person used a stolen credit card. Which could mean they totally lock the account forever. Blizzard isn't shy about banning accounts cause they know most people will go buy the game again and pay. again google search and you'll see they don't care. Even if you maybe right.
I'm guessing the account will be flagged for a account admin to review the account. That's when you find out the account is locked forever. This happened to a friend of mine many months ago. He was actually in the hospital during the time of it , blizzard didn't care. They permanently banned his account forever.
He called billing and they setup a new password and they emailed it , he also gave them all the proper passwords and secret question. 24 hours later he got a email from the account admin saying that account was banned forever.
--
Broadcasting The Classic Rock Hits 24/7 SauceMaster Radio!!!! |
|
P Ness
You'Ve Forgotten 9-11 Already
Premium
join:2001-08-29
Cromwell, CT
clubs:
| i doubt they will perma ban it.
they will put you through the 70 steps to recover the acct and give it back to you when they see the payment was not from you
--
www.stopfcc.comI do not think the government needs to restrict free speech especially on a device that has an off knob. |
|
MaybeTrouble
join:2008-05-09
Anchorage, AK
edit:
July 21st, @01:56PM
| reply to Rombus
Yep, this happens all the time.
One of two things is happening. Either there are people at Blizzard who're selling inactive accounts to make money (serious money if there are lvl 70 toons). It doesn't take too much imagination to realise that some of these will end up in the hands of gold farmers, and sometimes this might even be done deliberately.. or..
The second possibility is the people that reset passwords are too easily socially engineered by gold farmers. It's known they actively search for inactive accounts, because of the ready made toons and the head start they'll get from selling your old gear. Then all it takes is a few attempts to get a Blizzard employee to reset the password. If the caller is difficult to understand, this is even quite likely as the employee will want to get rid of the call as quickly as possible. Happens all the time in tech support, and is something we strive to tell our people to avoid at my work.
As a previous poster said, good luck in getting Blizzard to admit they have an internal security problem. Fortunately the account selling only happens on inactive accounts, so the logs are less likely to be found when the gold farming activity is noticed. But if it's a recent account you stopped paying for, it's worth getting Blizzard to investigate because they might even find the person responsible (for either getting tricked into reactivating or selling it).
--
If people taste like bacon, doesn't it follow that bacon tastes like people? |
|
saillaw
join:2007-05-08
Azerbaijan
| reply to Rombus
said by Rombus : The account was truly disabled by blizzard since i could not log into the account manager. As for why i did not have to jump though the ID hoops i may never no, except maybe because they caught it before i did? Or because it was inactive? Who knows. The fact that you did not have to jump through the ID hoops and that blizzard found the hacker before you would, like the others in this thread, make me think you were at a phishing site. But since you say you were not I'm guessing that this may be a case where it was an inside job that blizzard actually caught on its own (read, blizzard employee caught with a bunch of hacked accounts blizz immediately disables the accounts and then restores them without the normal pain in the ass process of proving your identity).
--
Hanging with my Gnomies |
|
